At the [un]prompted 2026 conference, TrendAI™ researchers demonstrated critical vulnerabilities in AI-driven Know Your Customer (KYC) pipelines and introduced FENRIR, an automated vulnerability discovery system. Principal Threat Researcher Sean Park illustrated how malicious instructions embedded in documents like passports can trick AI agents into executing code and leaking sensitive customer data, effectively turning static verification files into active attack vectors.
To counter these evolving threats, TrendAI™ unveiled FENRIR, a multi-stage pipeline designed to identify zero-day vulnerabilities in AI and Model Context Protocol (MCP) ecosystems. By utilizing tools like CodeQL and LLM reasoning to filter false positives, the system has already facilitated the discovery of over 60 published CVEs. This shift toward agentic defense highlights the necessity of using automated tools to secure the rapidly expanding AI attack surface at a scale human researchers cannot manage alone.